On Sat, Apr 23, 2022 at 10:28:37PM -0400, Wietse Venema wrote:
> It would be invaluable to have a recording of a complete session
> with that system. Something like:
>
> tcpdump -i name-of-interface is 2000 -w /file/name host 1.2.3.4
I think Wietse meant "-s 2000" rather than "is" 2000.
On Sat, Apr 23, 2022 at 09:02:09PM -0400, Wietse Venema wrote:
> The PREGREET logging for those eight craashing sessions shows that
> this client 1.2.3.4 was changing its TLS record version from 0x0303
> (\003\003) to 0x0302 (\003\002) to 0x0301 (\003\001).
>
> Mar 28 01:33:22 mail.lan
On Sat, Apr 23, 2022 at 05:18:06PM -0700, Dan Mahoney wrote:
> Does postfix have any support at all for rewriting the non-email-address
> portion of the from line? (The “Real name” portion).
Only by way of override in sendmail(1) IIRC. The MTA does not rewrite
display names in any systematic
On Sat, Apr 23, 2022 at 12:35:06PM +0800, ミユナ (alice) wrote:
> service lmtp {
> unix_listener /var/spool/postfix/private/dovecot-lmtp {
> mode = 0600
> user = postfix
> group = postfix
> }
This supports message delivery from Postfix to dovecot via LMTP.
> unix_listener
>
> On 23 Apr 2022, at 10:15 am, Demi Marie Obenour wrote:
>
>>>
>>> I have no advice re DMARC, never have or will use it.
>>
>> Which indeed IS a word of advice. :)
It wasn't. I have no need for DMARC, others are welcome to use it or
not as they see fit. Ideally after understanding the
On Fri, Apr 22, 2022 at 06:54:56PM -0700, Dan Mahoney wrote:
> masquerade_domains = !ops.foo.org, !support.foo.org, !gitlab.foo.org,
> !lists.foo.org, isc.org
> masquerade_exceptions = root
Personally, I avoid masquerade_domains, because it does wildcard
rewriting, and effectively breaks
On Fri, Apr 22, 2022 at 06:33:42PM -0400, Wietse Venema wrote:
> (alice):
> > I have made ssl with letsencrypt done :) I found either startssl or TLS
> > works. so may i ask is there a guide for adding DKIM to the outgoing
> > messages with the same letsencrypt certs?
>
> TLS is not DKIM. TLS
On Wed, Apr 20, 2022 at 08:26:16PM -0400, Viktor Dukhovni wrote:
> > this is postfix 3.8-20220325 (FreeBSD port postfix-current) on FreeBSD
> > 13.1-STABLE.
>
> You could install the "postfix" rather than "postfix-current" port.
> I have:
>
>
On Wed, Apr 20, 2022 at 10:20:56PM +0200, Michael Grimm wrote:
> this is postfix 3.8-20220325 (FreeBSD port postfix-current) on FreeBSD
> 13.1-STABLE.
You could install the "postfix" rather than "postfix-current" port.
I have:
-rw-r--r-- 1 root wheel 13544 Mar 17 17:23
>
> On 20 Apr 2022, at 4:20 pm, Michael Grimm wrote:
>
> Apr 20 06:36:27 mail.lan postfix/postscreen[74803]: PREGREET 429
> after 0 from [1.2.3.4]:49074:
> \026\003\003\001\250\001\000\001\244\003\003\327j\316\343\332\272\233\200\236\017\243`\342e\217\204\
That looks like a TLS client
On Tue, Apr 19, 2022 at 09:45:12PM -0600, @lbutlr wrote:
> On 2022 Apr 15, at 16:53, Viktor Dukhovni wrote:
> > On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote:
> >
> >> However, it is *very* common for a BBC email to have a To header with
> >&
On Tue, Apr 19, 2022 at 03:25:53PM -0300, SysAdmin EM wrote:
> should also be corrected in the file sender_canonical?
>
> /@gmail.com/ nore...@kiusys.com
>
> /@gmail.cl/ nore...@kiusys.com
>
> /@hotmail.com/ nore...@kiusys.com
>
> /@outlook.com/ nore...@kiusys.com
>
> /@satena.com/
On Tue, Apr 19, 2022 at 05:33:50PM -0700, Dan Mahoney wrote:
> Does postfix have any support for TLS reporting (RFC8460)?
>
> Technically, one need not be using MTA-STS to benefit from this. We
> get monitoring of this with our dmarc monitoring provider, and it
> feels like it would be useful
> On 19 Apr 2022, at 10:22 am, Wietse Venema wrote:
>
> If you must do this, why not copy the entire From: value?
>
>/^From:(.+@example\.com\b.+) Reply-To:$1
>
> Note: the \b matches a word boundary, and the \. matches . instead
> of every character.
Since '\b' will also match before a
On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote:
> However, it is *very* common for a BBC email to have a To header with
> no email address in it at all,
This violates RFC5322 and earlier versions. The "To:" header must
contain at least one address (or group).
On Thu, Apr 14, 2022 at 12:25:11AM -0400, Greg Klanderman wrote:
> > This is naturally documented in access(5), and also in postconf(5)
> > under:
> >
> > smtpd_null_access_lookup_key (default: <>)
> >The lookup key to be used in SMTP access(5) tables instead of the
> >null
On Wed, Apr 13, 2022 at 10:04:59PM -0400, John Levine wrote:
> >in other words if a domain is nullMx postfix still reject it, aswell for
> >senders
>
> Not all MTAs work the same.
Not even Postfix :-)
By default mail is accepted from NullMX envelope sender domains, to
reject it one must elect
> On 12 Apr 2022, at 1:05 pm, Ralph Seichter wrote:
>
> I invite you and other interested parties to discuss this on GitHub [1]
> rather than the Postfix mailing list. Release 1.0 is meant to provide
> core functionality, and follows the "release erly and often" approach.
> There is of course
> On 12 Apr 2022, at 12:36 pm, Erwan David wrote:
>
> Does it handle restarting/reloading a program when changing the certificate ?
> Postfix does not need it, but dovecot does.
My first impression reading the docs is that "letdns"
is not involved in certificate rollovers. Its job
is solely
> On 12 Apr 2022, at 10:30 am, Bill Cole
> wrote:
>
> Most people do not need to run their own full-function mail server from the
> OS up. You can cause yourself major headaches by trying to do so, and as a
> 'newbie' you are likely to do so. If your registrar supports bi-directional
> relay
On Mon, Apr 11, 2022 at 06:20:46PM +0200, Richard Rasker wrote:
> That is a very friendly offer, but if I do, that would of course only be
> temporary, so that I can send e-mail again, and I'd contact you in advance.
>
> Just to make sure: I guess I need to change my MX record for this to
>
On Sun, Apr 10, 2022 at 12:29:36PM -0700, Noah wrote:
> I am working in a software test environment and need to allow anonymous
> logins to postfix. What configuration knobs does postfix need?
Use a test login. The "need" to allow anonymous logins seems
unmotivated.
What SASL mechanism are
On Sun, Apr 10, 2022 at 02:27:33PM -0400, Greg Klanderman wrote:
> Quick question, what is the correct syntax to match an empty sender in
> a hash: sender access map (i.e. check_sender_access)?
This is naturally documented in access(5), and also in postconf(5)
under:
On Sun, Apr 10, 2022 at 10:44:05AM +0200, Admin Beckspaced wrote:
> Dehydrated has the option for different certificate types so I went with
> ECDSA and RSA
>
> https://github.com/dehydrated-io/dehydrated/blob/master/docs/domains_txt.md
>
> Added the following to main.cf
>
> # RSA default
>
On Sat, Apr 09, 2022 at 05:58:33PM -0400, Alex wrote:
> Following up with my other email, I think I can ask the question more
> directly.
Off hand, I did not see any questions in your post.
> I found it was necessary to have an entry in a check_recipient_access
> map with the old address as
On Sat, Apr 09, 2022 at 10:55:03AM +0200, Admin Beckspaced wrote:
> > That host has an ECDSA P384 certificate. This is liable to not be
> > supported by older systems. For maximum interoperability, RSA is safer,
> > or with ECDSA perhaps P256, though likely that too is not supported by
> > a
On Sat, Apr 09, 2022 at 08:52:54AM +0200, Admin Beckspaced wrote:
> Apr 8 09:53:07 cx20 postfix/smtpd[5402]: warning: TLS library problem:
> error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
> cipher:ssl/statem/statem_srvr.c:2260:
> smtpd_tls_cert_file =
>
On Fri, Apr 08, 2022 at 06:20:12AM +0200, Fourhundred Thecat wrote:
> I have header_checks configured in master.cf:
>
> header-check unix n -n-0
>cleanup
>-o header_checks=regexp:/var/local/postfix/maps/header_checks
>
> when I edit the
On Thu, Apr 07, 2022 at 04:55:26PM +, Pedro David Marco wrote:
> I have destinations not accepting email with a 451 return code. Some
> of them are being sent by postfix to the smtp_fallback_relay and some
> of them are just sent to the deferred queue... Probably i am
> misunderstanding
On Thu, Apr 07, 2022 at 08:20:54AM -0500, Rob McGee wrote:
> > IIUC, you are telling me to change local to virtual, in order to use
> > virtual_mailbox_maps, so vmailbox_result_format => Maildir.
>
> "vmailbox_result_format" is not a setting, where did you see this
> documented?
Actually, it is
On Wed, Apr 06, 2022 at 07:33:41PM +0200, Matus UHLAR - fantomas wrote:
> this is not an internal domain not out client, these are three subdomains of
> remote domain/organization (different IPs from different IP range) I have no
> relationship with.
>
> I have created special transport for
On Wed, Apr 06, 2022 at 02:41:04PM +0200, Matus UHLAR - fantomas wrote:
> >I think that you can stick with the default settings, which
> >keep connections open only when they can be reused immediately.
>
> this unfortunately did not work without listing destinations explicitly in
>
On Tue, Apr 05, 2022 at 08:35:55PM +0200, Arrigo Triulzi wrote:
> On 5 Apr 2022, at 18:38, Bastian Blank
> wrote:
>
> Indeed, you did not but the virtual_alias_map is being ignored. Mmh, must
> have done something stupid.
The parameter name is "virtual_alias_maps".
--
Viktor.
On Tue, Mar 22, 2022 at 08:38:39AM +0100, Arrigo Triulzi wrote:
> Unfortunately I have a slight complication: for a subset of valid
> email addresses I need to “bleed them” out to a different domain (and
> also archive all email but that is simply done with always_bcc).
>
> For example:
>
>
On Tue, Apr 05, 2022 at 04:37:29PM +0200, Matus UHLAR - fantomas wrote:
> >Why DISABLE on-demand connection caching?
>
> I was under impression that disabling caching on demand turns is on by
> default.
That's not the case, it just disables demand caching.
> and having it on by default
On Tue, Apr 05, 2022 at 12:54:55PM +0900, Byung-Hee HWANG wrote:
> soyeomul@yw-1204:~$ cat /etc/postfix/relay_clientcerts
> D7:5B:D1:A0:EA:A1:8D:9F:7A:4D:77:47:AD:DE:2D:07 yw-0919.doraji.xyz
> 01:7A:51:89:E5:C0:07:17:51:66:0D:C5:77:F8:77:38 smtp.gmail.com
These are "md5" hashes, which are
> On 31 Mar 2022, at 10:48 am, Nikolai Lusan wrote:
>
> The process I use to update my certificates uses rsync to overwrite the
> old certs/keys with the new ones. My thought process initially was that
> restarting postfix would have it pick up the new files - eventually by
> inspecting the
On Wed, Mar 30, 2022 at 07:10:09PM +0200, Emmanuel Fusté wrote:
> ForwardToSyslog and other similar journald options activate raw message
> forwarding before any journald processing. This is pure socket to socket
> forwarding without any processing.
Well, "without any processing" is not
On Wed, Mar 30, 2022 at 06:11:33PM +0200, Michael Ströder wrote:
> Or simply set in /etc/systemd/journald.conf:
>
> [Journal]
> Storage=none
> ForwardToSyslog=yes
That does not fully solve the problem, since IIRC rate limits and
performance limitations still apply, perhaps somewhat improved for
> On 30 Mar 2022, at 11:41 am, Nikolaos Milas wrote:
>
> Answering my own question, apparently mail (I cannot determine if ALL of it)
> IS in fact getting delivered, even if not logged in all cases.
>
> Answering to Victor, who replied to me in the meantime and provided valuable
> hints, esp.
On Wed, Mar 30, 2022 at 03:32:39PM +0300, Nikolaos Milas wrote:
> I am facing the following issue:
>
> I am tracing particular mails. They are delivered (after being filtered
> by amavis) from our mail gateway server (postfix) to our internal
> mailbox server (also postfix).
Are you sure
On Tue, Mar 29, 2022 at 09:50:43PM +0200, Jack Raats wrote:
> I have a postfix server on an ip4 and ipv6 adres.
> I'm using clamav-milter for virus scanning. Do I have to use 2 milters,
> one for ipv4 and one for ipv6 or can I use only one milter?
One is enough.
--
Viktor.
On Mon, Mar 28, 2022 at 11:38:12AM -0700, Roger Klorese wrote:
> CentOS 7.9 with SELinux off.
Are you sure about that?
> Mar 28 11:29:16 divine postfix/pipe[2685]: 21FE73000171E:
> to=, relay=sympa,
> delay=599, delays=599/0.06/0/0.04, dsn=4.3.0, status=deferred (temporary
> failure. Command
On Mon, Mar 28, 2022 at 03:23:55PM +1100, raf wrote:
> I just tried this (debian-11, postfix-3.5.6)
> and was surprised by the effect:
>
> postfix tls new-server-key
> postfix tls deploy-server-cert /etc/postfix/cert-20220328-033631.pem
> /etc/postfix/key-20220328-033631.pem
>
> The
On Sun, Mar 27, 2022 at 09:08:53AM +0530, Amarjeet Anand wrote:
> What’s the story behind choosing the name as “Postfix”?
One of the stories can be found here:
https://techmonitor.ai/technology/ibm_takes_on_sendmail_with_secure_mailer
...
IBM calls the new mail program Secure
On Fri, Mar 25, 2022 at 11:28:00AM -0400, post...@ptld.com wrote:
> Am I using the wrong tool for creating a catchall to accept mail for
> addresses that are not specifically defined? This setup does not
> accept mail for local linux users, all valid email addresses are
> defined in
On Thu, Mar 24, 2022 at 11:31:12AM -0300, Leandro Santiago wrote:
> Maybe this is a limitation in the smtp logging and not on header_checks?
Correct.
> Any clues of where such limit might be configured
https://github.com/vdukhovni/postfix/blob/master/postfix/src/smtp/smtp_proto.c#L1140-L1155
> On 22 Mar 2022, at 1:52 pm, Linda Pagillo wrote:
>
> To answer your question Matus, We want to copy because we want to temporarily
> store a message with all of it's meta-data and have the option to resume
> processing at a later time without losing any details.
Create a Postfix instance
On Tue, Mar 22, 2022 at 01:41:48PM +0100, Damian wrote:
> I am looking for input how to implement a DANE- and MTA-STS-capable
> Postfix setup which is able to produce SMTP TLS reports (RFC8460).
The simplest approach is to just manually configure static TLS policies
of "secure" with appropriate
> On 19 Mar 2022, at 5:31 pm, Wietse Venema wrote:
>
> The cleanup server initializes Milters lazily, because they are not
> always needed. In some cases an smtpd process decides if Miltering
> is needed (based on the smtpd_milters setting), and in some cases
> the cleanup server makes that
> On 19 Mar 2022, at 12:49 pm, Matus UHLAR - fantomas wrote:
>
> This should be fixable by using proxymap, better than disabling chroot
> http://www.postfix.org/proxymap.8.html
Postfix typically opens all tables before chroot.
Not clear whether initialisation of milter_header_checks
after
On Sun, Mar 13, 2022 at 08:35:02PM +, lst_ho...@kwsoft.de wrote:
> We have a Postfix Server Version 3.3 and Openssl 1.1.1 on Ubuntu 18.04
> LTS. One user has the need to send e-mail from an age old Windows XP
> VM used because of a special not any more available software.
Is the user on
On Fri, Mar 11, 2022 at 09:37:15AM -0600, Matt Saladna wrote:
> When specifying a range of responses to ignore in postscreen_dnsbl_sites
> it appears that if a weight is zero it is ignored in favor of a non-zero
> weight.
No. Rather, when the same source is listed twice, the weights are
> On 10 Mar 2022, at 3:48 pm, Alex wrote:
>
> Can I use sender_checks to bypass a host like mail.coupahost.com? The
> client IP will constantly change, but I can rely on the sending domain
> to remain the same.
Conditional header checks require a milter or content filter that
can make such fine
On Thu, Mar 10, 2022 at 10:35:01AM -0500, Wietse Venema wrote:
> > I am using a milter that uses a connection timeout of five minutes, ie
> > this milter simply closes the connection from Postfix after five minutes
> > of silence.
>
> If the problem is that email arrives slowly (800
On Tue, Mar 08, 2022 at 03:57:50PM +0100, Zsombor B wrote:
> Can you please confirm that postfix creates a file from each and every
> email at least once?
Postfix queue files are in an undocumented internal format, and virus
scanners at the filesystem level are not appropriate for scanning the
On Mon, Mar 07, 2022 at 07:05:53PM -0500, Alex wrote:
> > Replace "reject_non_fqdn_helo_hostname" with:
> >
> > main.cf:
> > pcre = pcre:${config_directory}/
> >
> > # In the client, helo, sender or recipient restriction list
> > smtpd_..._restrictions =
> >
On Mon, Mar 07, 2022 at 03:31:43PM -0500, Alex wrote:
> Mar 7 13:25:36 armor postfix-113/smtpd[4009829]: NOQUEUE: reject:
> RCPT from unknown[173.213.231.144]: 504 5.5.2 : Helo command
> rejected: need fully-qualified hostname; from=<>
> to= proto=ESMTP helo=
>
>
> On 4 Mar 2022, at 11:01 pm, Noel Jones wrote:
>
> think you configure unbound with another forward-zone: name:
> “zen.spamhaus.org” and then don’t list any forwarding addresses. That should
> turn off forwarding for that zone.
>
> A forum for your OS or for unbound will probably give an
> On 3 Mar 2022, at 10:06 pm, Alex wrote:
>
> I believe there's a dot missing in the first one, as in '.(386' but
> it's more than that, because I experimented with that too.
No, it would have to be: \.(386|...)
otherwise '.' just matches any character. Your RE pattern is sloppy
in places,
On Thu, Mar 03, 2022 at 06:04:43PM -0500, Alex wrote:
> > > Content-Type: text/html; charset="US-ASCII"; name="download.html"
> > > Content-Disposition: attachment; filename="download.html"
It seems you're trying to block "mumble.html" attachments.
> It's still not working, and I suspect the
On Wed, Mar 02, 2022 at 08:57:51PM -0500, Alex wrote:
> Content-Type: text/html; charset="US-ASCII"; name="download.html"
> Content-Disposition: attachment; filename="download.html"
>
> And this is the regex I currently have. Hopefully it wraps properly.
>
On Tue, Mar 01, 2022 at 06:18:36PM +, Cooper, Robert A wrote:
> Howdy! I'm trying to figure out some tuning for a cluster of postfix
> servers behind a load balancer.
Get rid of the load balancer. It does a lot more harm than good. In
particular, it makes your system appear to be a single
On Sat, Feb 26, 2022 at 02:14:42PM -0700, Austin Witmer wrote:
> It is my understanding that header checks are processed line by line,
That understanding is correct.
> but I am seeing some behavior that makes me question that.
You've confused yourself by misinterpreting what you're seeing.
>
> On 25 Feb 2022, at 9:57 am, Wietse Venema wrote:
>
> @lbutlr:
>> In short, does postfix need to know the name the client used to connect
>> to the server?
>
> By default, Postfix does not care how a client discovers an MTA
> (which MX record was used, if any, etc.).
>
> You can configure
On Thu, Feb 24, 2022 at 06:58:46PM -0300, Leandro Santiago wrote:
> (please let me know if this message somehow goes against the list rules)
It is borderline relevant, provided in practice such posts don't become
frequent, and perhaps whatever you're working on might ultimately
benefit the
> On 23 Feb 2022, at 2:50 pm, Wietse Venema wrote:
>
>>>
>>> TWO settings to enable UTF8? Bah.
>>
>> No, because the second one would be *ON* by default.
>
> And that would be an incompatible change from LATIN1?
Only if also "smtputf8_enable = yes". That is, with "smtputf8_enable = yes"
> On 23 Feb 2022, at 6:38 am, Wietse Venema wrote:
>
> TWO settings to enable UTF8? Bah.
No, because the second one would be *ON* by default.
It would probably be better named "utf8_disable" and then
be "off" by default.
--
Viktor.
On Tue, Feb 22, 2022 at 07:10:44PM -0500, Wietse Venema wrote:
> There are two #ifdef SNAPSHOT blocks.
>
> - The one in dict_pgsql_lookup() returns not found when SMTPUTF8
> is enabled, but a query is not valid UTF8.
>
> - The one in plpgsql_connect_single() sets the PgSQL client encoding
>
On Tue, Feb 22, 2022 at 02:32:29PM -0800, Nathan Van Ymeren wrote:
> > So UTF8 is only used in development snapshots and not in release builds.
> > This code needs to be made either conditional on EAI (UTF8) being
> > enabled, or a new user-settable PgSQL table parameter.
> >
> > > How do I get
On Tue, Feb 22, 2022 at 01:41:00PM -0800, Nathan Van Ymeren wrote:
> I have enabled UTF8 in postfix as per the instructions here:
> http://www.postfix.org/SMTPUTF8_README.html#enabling , which you can
> see in the following config info:
This enables UTF8 in SMTP, but does not presently affect
On Tue, Feb 22, 2022 at 10:16:26AM +0100, Víctor Rubiella Monfort wrote:
> Next test should be test to add all-accounts to alias maps:
>
> virtual_mailbox_maps:
>h...@example.com maildir1/
>ad...@example.com maildir2/
>
> virtual_alias_maps
>@example.com h...@example.com
>
On Mon, Feb 21, 2022 at 11:27:07PM -0500, billy noah wrote:
> Can I use alternation in the negation pattern to match multiple addresses
> to exclude?
>
> if !/^(nobody|noreply|noone)@/
http://www.postfix.org/pcre_table.5.html
http://www.postfix.org/regexp_table.5.html
--
Viktor.
On Mon, Feb 21, 2022 at 08:17:17PM -0500, billy noah wrote:
> /^([^@]+)@[a-zA-Z0-9_]+\.[a-zA-Z0-9_]+$/ $1...@example.com
>
> This works great, however I have an email address nob...@example.com that
> I'd like to *exclude* from this configuration. How can I configure
> sender_bcc_maps to
On Thu, Feb 17, 2022 at 11:02:37AM -0500, Wietse Venema wrote:
> > Out of interest, how does this behave if one of the servers is temporarily
> > unreachable?
>
> Randmap returns ONE result. Oh, and it should be
>
> default_tramsport_maps = randmap:{ ... }
The various transports could have
On Wed, Feb 16, 2022 at 05:05:39PM -0500, Viktor Dukhovni wrote:
> > There is a mandatory printable() filter in the bounce daemon after
> > it reads a request, before it writes the bounce/defer/etc log (look
> > for the VS_NEUTER macro). ESC does not count as a p
> On 16 Feb 2022, at 3:49 pm, Wietse Venema wrote:
>
>> Can Postfix accept (without mangling) (with representing
>> the underlying character) any of:
>>
>>Server:
>>MAIL FROM:<"foo+\bar"@example.com>
>>RCPT TO:<"foo+\bar"@example.com>
>
> Accepted, and preserved in
On Wed, Feb 16, 2022 at 02:15:31PM -0500, Wietse Venema wrote:
> > Well, if a message contains non-printable characters in the sender,
> > one of the recipient addresses, or delay reason, and I process the
> > output of "postqueue -j" in a language that supports JSON ("jq",
> > "python", "perl",
> On 16 Feb 2022, at 1:20 pm, Wietse Venema wrote:
>
>> Actually, no, with "-r" not only are quotes removed, but also escaped
>> forms are converted back to the underlying UTF-8 form, and control
>> characters are output verbatim (as newlines, ESC, ...).
>
> Oops, I did an incorrect experiment.
On Wed, Feb 16, 2022 at 12:09:24PM -0500, Viktor Dukhovni wrote:
> > I think I missed that "jq -r" output is still json-escaped. In that
> > light, is there any need for 3.7-style sanitization of json output?
> > We could still revert that early in 3.7.1; I doubt that
> On 16 Feb 2022, at 11:43 am, Wietse Venema wrote:
>
>> Users who want an unsanitised form of the queue content should
>> consume JSON.
>
> Unsanitized but json-escaped. If people want to unescape that, then
> they have to write extra code, so 'unsanitized' would still be safe
> for naive
On Wed, Feb 16, 2022 at 09:42:51AM -0500, Wietse Venema wrote:
> > Alternatively, perhaps there should be an option to turn off the safety
> > net. Something like the '-J' option below (with appropriate
> > documentation and warnings).
>
> And what about non-json output?
My view of "postqueue
On 16 Feb 2022, at 8:16 am, Wietse Venema wrote:
> postqueue -j | jq -r '
> # See JSON OBJECT FORMAT section in the postqueue(1) manpage
> select(.queue_name == "deferred")
> | .queue_id
> ' | postsuper -h -
While we're on the topic of JSON output, FWIW, I am not convinced that
the
> On 15 Feb 2022, at 11:07 am, Jaroslaw Rafa wrote:
>
> It could help a bit if OP would know where exactly his security team found
> the posting in question. Then he should write to administrator of that
> particular site asking for removal. But even if it will be removed there, it
> is only one
On Sun, Feb 13, 2022 at 11:56:27AM -0500, post...@ptld.com wrote:
> Just to clarify, does this error mean they requested SASL login and
> postfix told them it wasn't enabled? I am under the belief SASL
> logins are disabled on port 25.
Are you sure the connection was to port 25? Is submission
> On 11 Feb 2022, at 9:09 am, michael.osi...@siemens.com wrote:
>
> What I have come up with is doing in /usr/local/etc/postfix/canonical:
>> @localhost @myhostname
>
> I had to add the actual hostname since @$myhostname is not supported.
> My question: Is this the proper way to go with
> On 10 Feb 2022, at 11:17 pm, raf wrote:
>
> But I still don't see why it was only the second
> replacement index that was out of range, and not the
> first as well.
https://sciencing.com/what-is-a-counterexample-in-algebra-12750822.html
...
One Counterexample Is Sufficient
The philosophy of
> On 10 Feb 2022, at 7:03 pm, raf wrote:
>
> Thanks, but I'm not sure that that is material to this
> issue.
It is.
> Even with regexp, x refers to "extended
> expression syntax".
Which is a converse to "basic expression syntax", i.e. the obsolete
BRE syntax, in which "(" and "|" are
On Thu, Feb 10, 2022 at 10:27:32PM +, Eric Wilkison wrote:
> header_checks:
> /^X-Forefront-Antispam-Report:.*SFV:(SPM|SKS|SKB).*to=<.*@ms2019.mobility-lab.com>/
> WARN It's working
You're expecting recipient information to be present in the header text.
> Feb 10 15:48:21 relay1
On Thu, Feb 10, 2022 at 01:50:36PM -0600, Edward Sandberg wrote:
> I am attempting to configure content filtering by following this guide:
>
> http://www.postfix.org/FILTER_README.html
>
> I have added the filter service and modified the smtp service in master.cf:
>
> filterunix - n
> On 9 Feb 2022, at 5:15 pm, raf wrote:
>
> ... and turning on/off x just means
> that space characters in the pattern are/aren't ignored. There
> aren't any space characters there so it should be immaterial.
You're confusing the "x" flag of pcre_table(5) with the rather
different "x" flag of
On Wed, Feb 09, 2022 at 05:27:09PM +, Dominic Raferd wrote:
> Is your attachment file exactly 7MB or a bit bigger? Encoding as Base64
> (to attach to an email) increases its size by c.37%.
> 1024/1.37=7.13MB. Any attachment bigger than this will hit your
> message_size_limit.
Base64
On Wed, Feb 09, 2022 at 06:00:59PM +0530, Nitin N wrote:
> On Wed, 9 Feb 2022, 4:44 pm Bastian Blank, postfix@waldi.eu.org> wrote:
>
> > On Wed, Feb 09, 2022 at 12:45:21PM +0530, Nitin N wrote:
> > > I checked out master_service_disable at here
> > >
On Tue, Feb 08, 2022 at 10:27:17PM +0530, Nitin N wrote:
> The way to share concise configurations is:
>
> $ postmulti -x /bin/sh -c '
> echo "=== $MAIL_CONFIG:"
> postconf -nf
> echo "---"
> postconf -Mf
> '
> On 8 Feb 2022, at 6:14 am, Nitin N wrote:
>
> I wanted to share the configs but my messages got auto-rejected twice for
> size >4 characters
The way to share concise configurations is:
$ postmulti -x /bin/sh -c '
echo "=== $MAIL_CONFIG:"
postconf
> On 8 Feb 2022, at 6:14 am, Nitin N wrote:
>
> I am trying to run multiple instances of Postfix using Postmulti on a single
> NIC using aliased IPs. Postmulti doesn't seem to bind the instances to the
> aliased IPs. I do not get any errors in the maillog and all instances are
> shown as
> On 7 Feb 2022, at 11:54 am, Demi Marie Obenour wrote:
>
> To what extend is Postfix’s process-per-connection architecture a
> limitation here?
It isn't a practical barrier. The reason to increase concurrency
is to be able to handle more "slow" connections without running out
of connection
On Mon, Feb 07, 2022 at 11:43:55AM -0500, Viktor Dukhovni wrote:
> > Is the configuration tag incorrect, or is indeed the branch behind the
> > release ?
>
> Update your git clone.
Note also that my Postfix git repository is not an official
location from which to obtain
On Mon, Feb 07, 2022 at 01:37:24PM -0300, Nilo César Teixeira wrote:
> Building from https://github.com/vdukhovni/postfix/tree/postfix-3.7 leads
> to this configuration info:
You must have a stale copy of the branch.
On Mon, Feb 07, 2022 at 03:11:25PM +0100, Víctor Rubiella Monfort wrote:
> We can increase smtp easly to 1000 connections for example to allow
> multiple incoming connections.
When you raise the number of "smtp inet ... smtpd" process slots the you
just need to ensure that your disk and network
1001 - 1100 of 6491 matches
Mail list logo